Domination.com
Complete guide on wireless hacking!!
How to crack WPA2 WiFi password using reaver (99% chance) !!
3 May 2014 | Hack WiFi
Today I am going to teach you how to easily hack a WPA/WPA2-PSK enabled network using reaver. For that, the targeted router should support WPS (Wi-Fi Protected Setup), which is supported by most routers nowadays. WPS is an optional device configuration protocol for wireless access points which makes it much easier to connect.
This feature exists in most routers for an easy setup process through the WPS PIN, which is hard coded into the wireless access point. Reaver takes advantage of a vulnerability in WPS. Thanks to Craig Heffner for releasing an open source version of this tool named Reaver that exploits the vulnerability. In simple terms, Reaver tries to brute force the PIN, which in turn reveals the WPA or WPA2 password after enough time.
What You'll Need
You do not have to be an expert at Linux or even at using a computer. The simple command line (console) will do all the things. But you may need a lot of time for this process and also some luck. The brute force may take from 2 hours to more than 10 hours sometimes. There are various ways to set up reaver, but here are the requirements for this guide.
BackTrack OS. BackTrack is a bootable Linux distribution with lots of pentesting tools. You can use various other Linux distributions but I prefer BackTrack. If you don't know how to install BackTrack then please check this link first.
A computer and wireless network card. I cannot guarantee that this will work with all internal wireless cards, but I recommend an external wireless card.
A lot of patience. The process is simple but brute forcing the PIN takes a lot of time. So you have to be patient. Kicking the computer won't help you this time.
Let's Get Started
Now you should have a BackTrack OS ready for action.
Step 1: Boot into BackTrack
You can use any method to boot into BackTrack, such as a live CD, VMware, dual boot, etc. So, just boot it into GUI mode first and open up a new console (command line), which is in the taskbar. During the boot process, BackTrack will prompt you to choose the boot options. Select BackTrack Text - Default Boot Text Mode and press Enter.
After some time BackTrack will take you to a command line prompt where you should type startx and press Enter. BackTrack will boot into Graphical User Interface (GUI) mode.
Step 2: Install Reaver (Skip this step if you are using BackTrack 5)
Reaver should already be installed in BackTrack 5, but if you are using an older BackTrack or any other Linux distribution you can install Reaver using the few steps below.
1. First connect your BackTrack to the internet. For a WiFi connection go to Application > Internet > Wicd Network Manager
2. Select your network, click Connect and input your password if necessary, click OK and click CONNECT the second time.
Now that you are connected to the internet it's time to install Reaver. Click the terminal icon in the menu bar. And at the console type the following:
apt-get update
apt-get install reaver
Now if everything worked fine you will get a freshly installed Reaver tool. If you are testing it on your own system then please go to Wicd Network Manager and disconnect yourself first.
Step 3: Gather Information
Before launching the Reaver attack you need to know your target wireless network name, BSSID (the unique series of letters and numbers of a particular router) and its channel number. To find these, put your wireless card into monitor mode and gather the required information about the access points. So let us do all these things.
First let's find your wireless card. Inside the terminal or console, type:
airmon-ng
Press Enter and you should see a list of interface names of different devices. There should be a wireless device in that list if you have connected it to BackTrack. It will probably be wlan0 or wlan1.
Note: To connect your wireless network card in VMware, first connect it to the USB port; you will then see a small USB icon like in the figure at the top right of VMware. Then right click on it and click Connect. Finally, the USB sign will turn green and start to glow.
Enable monitor mode. Supposing your wireless card interface name is wlan0, type this command in that same console.
airmon-ng start wlan0
This command will create a new monitor mode interface, mon0, like in the screenshot below, which you want to keep note of.
Search for the BSSID of the Access Point (router) you want to crack. There are a few ways to search for the Access Point BSSID but I prefer to use the inbuilt reaver search method, which shows the list of WPS vulnerable BSSIDs only.
In the console type the following command and press Enter:
wash -i mon0
You will see the list of wireless networks that support WPS, which are vulnerable to Reaver, as seen in the screenshot below. After a few minutes you can stop the scan by pressing Ctrl+C.
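Seen from the defender's side, the same kind of survey listing can drive an audit of access points you own: any of them that shows up still advertises WPS and should have it disabled. The sketch below is an added example, not code from the original post or from Reaver; the column layout of the sample, the BSSIDs and the function names are constructed assumptions.

```python
import re

# Keyspace stated in the article: 10^4 first-half + 10^3 second-half values.
WPS_PIN_SPACE = 10**4 + 10**3

# Constructed sample survey. The column layout is an assumption modelled on
# the "WPS Locked" column the article mentions; all BSSIDs are made up.
SAMPLE_SURVEY = """\
BSSID              Channel  RSSI  WPS Version  WPS Locked  ESSID
-----------------------------------------------------------------
02:00:00:AA:BB:01  1        -48   1.0          No          office-ap
02:00:00:AA:BB:02  6        -61   1.0          Yes         lab-ap
02:00:00:CC:DD:03  11       -70   1.0          No          neighbour
"""

ROW = re.compile(
    r"^(?P<bssid>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+(?P<channel>\d+)\s+"
    r"(?P<rssi>-?\d+)\s+(?P<version>\S+)\s+(?P<locked>Yes|No)\s+(?P<essid>.*)$"
)

def parse_survey(text):
    """Return one dict per access-point row; header and ruler lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            row = m.groupdict()
            row["bssid"] = row["bssid"].upper()
            row["locked"] = row["locked"] == "Yes"
            rows.append(row)
    return rows

def audit(text, owned_bssids, secs_per_pin=1.0):
    """Flag owned APs that still advertise WPS (being listed at all means it is on)."""
    owned = {b.upper() for b in owned_bssids}
    findings = []
    for ap in parse_survey(text):
        if ap["bssid"] not in owned:
            continue  # not our equipment: out of scope for the audit
        findings.append({
            "bssid": ap["bssid"],
            "essid": ap["essid"],
            "severity": "medium" if ap["locked"] else "high",
            "worst_case_hours": round(WPS_PIN_SPACE * secs_per_pin / 3600, 1),
        })
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_SURVEY, ["02:00:00:aa:bb:01", "02:00:00:aa:bb:02"]))
```

A locked state is rated lower but still reported, since the lock only slows attempts down; the fix in both cases is to turn WPS off in the AP's configuration.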
Step 4: Let's start Cracking
I suggest you try to crack the ones which have WPS lock disabled, that is, which say NO in the WPS Locked column. It may also work if it says YES but I am not sure of that. Copy the BSSID of the target AP, keep note of its channel, and in the console type the following and press Enter:
reaver -i monitormode -c channel -b targetbssid -vv
In my case the monitor mode interface will be mon0, the channel would be 1, the targetbssid would be C8:3A:35:54:88:81, and -vv is written to show the current statistics of the attack, like percentage completed, the PIN currently being brute forced and so on, so we will type the following and press Enter:
reaver -i mon0 -c 1 -b C8:3A:35:54:88:81 -vv
Press Enter and if everything goes right then you will see the attack process like in the screenshot below. Please note that you will not get "Restore previous session" like me, because I have already tried to crack it, so it is prompting me either to resume from that paused point or not. Your progress will also be saved if you press Ctrl+C. It will prompt you the same way if you run the above command again, and you can resume from there.
Now just wait or have some coffee and let Reaver do its magic. It might take from 2 hours to 10 hours or more. The WPS PIN has 8 numeric digits, but the WPS authentication protocol cuts the PIN in half and validates each half separately. Since the last digit of the PIN is a checksum value which can be calculated on the basis of the previous values, there are 10^4 = 10,000 possible values for the first half and then 10^3 = 1,000 values for the second half. So the WPS PIN can be found within 11,000 possible PIN codes. Some APs can check WPS PINs at the rate of 1 PIN per second and some take more, so the time depends on the AP and even on the network connection strength.
When the PIN is successfully brute forced Reaver will show you the WPS PIN and the plain password of the AP like in the screenshot below.
I recommend you keep note of the WPS PIN so that if the password is changed again you can hack it in a few seconds the next time by using the following process.
reaver -i (monitor interface) -b (BSSID) -c (channel) --pin=(8 digit pin) -vv
Example:
reaver -i mon0 -b 11:22:33:44:55:66 -c 1 --pin=12345678 -vv
Now the error part, as you might get a bunch of errors depending upon your conditions. You might get some timeouts, which is normal, but if you are getting other errors then see the Error Section below.
Error Section:
If you are getting the following error then check the corresponding solution for it.
If 10 consecutive unexpected WPS errors are encountered, a warning message will be shown. Since this may be a sign that the AP is rate limiting PIN attempts, a waiting period can be set that will occur whenever these warning messages appear, by issuing the following command:
reaver -i mon0 -b 00:01:02:03:04:05 --fail-wait=360
The default receive timeout period is 5 seconds. This timeout period can be set manually if necessary (minimum timeout period is 1 second):
reaver -i mon0 -b 00:01:02:03:04:05 -t 3
The default delay period between PIN attempts is 1 second. This value can be increased or decreased to any value. Please note that 0 means no delay:
reaver -i mon0 -b 00:01:02:03:04:05 -d 0
So here ends the tutorial on how to crack a wireless network easily using reaver. Good Luck Hacking!!!
bibek
Sounds interesting! But I've got one question. For the brute force and reaver to work, is it required that the WPS button is pressed on the router? I think I got it wrong. Would you make it more clear please?
Reply
Jul 12, 2014 4:12 pm
admin
It will work even if the button is not pushed. But some cheap routers will not be brute forced due to some of their hardware faults. These may include some routers from Tplink, Digicom and mostly Tenda.
Reply
Jul 26, 2014 8:14 pm
Arash
hi! tnx for your information. When I type airmon-ng I can't see anything.. just the titles interface, chipset, drive. Or, when I run Wicd Network Manager I see an error!!!!! And my laptop's Fn key does not work in BackTrack 5 R3. What should I do????????????? tnx for your help
Reply
Aug 8, 2014 2:14 pm
admin
Install BackTrack again and see if the problem goes.
Reply
Aug 9, 2014 8:39 am
Arash
I did that, I have this problem again!!!! Also in WICD I can't see my wireless network to connect
Reply
Aug 9, 2014 12:25 pm
2014 WirelessDomination.com All Rights Reserved.